Hi folks,
So with wheezy out, libaudit is now multiarch-capable, which means for
jessie I would like to enable the tty_audit PAM module. This brings
libaudit into the transitively essential set of libraries, so should be
discussed here. (I forgot to raise this thread before actually uploading
this change to unstable; sorry about that. Since I believe this change will
be fairly uncontroversial, I'll leave it as-is in the archive pending the
outcome of this discussion, unless someone is aware of issues that it's
causing.)
libaudit provides core security functionality, related, as the name implies,
to audit logs for sessions. It enables auditd, but does not depend on it;
auditd itself remains optional, and libaudit is a no-op with reasonably low
overhead without it. But support for it must be enabled in the core
packages in order for auditd to do its job usefully.
libaudit1 has no new external dependencies (just libaudit-common), and is a
tiny waif of a library (~200k).
Are there any objections to pulling libaudit into the base set?
Thanks,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org